Add namespace page access control
This commit is contained in:
nkorange
parent
de836a6e2b
commit
13126a3af6
@ -20,6 +20,9 @@ import com.alibaba.nacos.config.server.model.TenantInfo;
|
|||||||
import com.alibaba.nacos.config.server.service.PersistService;
|
import com.alibaba.nacos.config.server.service.PersistService;
|
||||||
import com.alibaba.nacos.console.model.Namespace;
|
import com.alibaba.nacos.console.model.Namespace;
|
||||||
import com.alibaba.nacos.console.model.NamespaceAllInfo;
|
import com.alibaba.nacos.console.model.NamespaceAllInfo;
|
||||||
|
import com.alibaba.nacos.console.security.nacos.NacosAuthConfig;
|
||||||
|
import com.alibaba.nacos.core.auth.ActionTypes;
|
||||||
|
import com.alibaba.nacos.core.auth.Secured;
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
@ -55,6 +58,7 @@ public class NamespaceController {
|
|||||||
* @return namespace list
|
* @return namespace list
|
||||||
*/
|
*/
|
||||||
@GetMapping
|
@GetMapping
|
||||||
|
@Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "namespaces", action = ActionTypes.READ)
|
||||||
public RestResult<List<Namespace>> getNamespaces(HttpServletRequest request, HttpServletResponse response) {
|
public RestResult<List<Namespace>> getNamespaces(HttpServletRequest request, HttpServletResponse response) {
|
||||||
RestResult<List<Namespace>> rr = new RestResult<List<Namespace>>();
|
RestResult<List<Namespace>> rr = new RestResult<List<Namespace>>();
|
||||||
rr.setCode(200);
|
rr.setCode(200);
|
||||||
@ -82,6 +86,7 @@ public class NamespaceController {
|
|||||||
* @return namespace all info
|
* @return namespace all info
|
||||||
*/
|
*/
|
||||||
@GetMapping(params = "show=all")
|
@GetMapping(params = "show=all")
|
||||||
|
@Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "namespaces", action = ActionTypes.READ)
|
||||||
public NamespaceAllInfo getNamespace(HttpServletRequest request, HttpServletResponse response,
|
public NamespaceAllInfo getNamespace(HttpServletRequest request, HttpServletResponse response,
|
||||||
@RequestParam("namespaceId") String namespaceId) {
|
@RequestParam("namespaceId") String namespaceId) {
|
||||||
// TODO 获取用kp
|
// TODO 获取用kp
|
||||||
@ -106,6 +111,7 @@ public class NamespaceController {
|
|||||||
* @return whether create ok
|
* @return whether create ok
|
||||||
*/
|
*/
|
||||||
@PostMapping
|
@PostMapping
|
||||||
|
@Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "namespaces", action = ActionTypes.WRITE)
|
||||||
public Boolean createNamespace(HttpServletRequest request, HttpServletResponse response,
|
public Boolean createNamespace(HttpServletRequest request, HttpServletResponse response,
|
||||||
@RequestParam("customNamespaceId") String namespaceId,
|
@RequestParam("customNamespaceId") String namespaceId,
|
||||||
@RequestParam("namespaceName") String namespaceName,
|
@RequestParam("namespaceName") String namespaceName,
|
||||||
@ -138,6 +144,7 @@ public class NamespaceController {
|
|||||||
* @return java.lang.Boolean
|
* @return java.lang.Boolean
|
||||||
*/
|
*/
|
||||||
@GetMapping(params = "checkNamespaceIdExist=true")
|
@GetMapping(params = "checkNamespaceIdExist=true")
|
||||||
|
@Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "namespaces", action = ActionTypes.READ)
|
||||||
public Boolean checkNamespaceIdExist(@RequestParam("customNamespaceId") String namespaceId){
|
public Boolean checkNamespaceIdExist(@RequestParam("customNamespaceId") String namespaceId){
|
||||||
if(StringUtils.isBlank(namespaceId)){
|
if(StringUtils.isBlank(namespaceId)){
|
||||||
return false;
|
return false;
|
||||||
@ -154,6 +161,7 @@ public class NamespaceController {
|
|||||||
* @return whether edit ok
|
* @return whether edit ok
|
||||||
*/
|
*/
|
||||||
@PutMapping
|
@PutMapping
|
||||||
|
@Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "namespaces", action = ActionTypes.WRITE)
|
||||||
public Boolean editNamespace(@RequestParam("namespace") String namespace,
|
public Boolean editNamespace(@RequestParam("namespace") String namespace,
|
||||||
@RequestParam("namespaceShowName") String namespaceShowName,
|
@RequestParam("namespaceShowName") String namespaceShowName,
|
||||||
@RequestParam(value = "namespaceDesc", required = false) String namespaceDesc) {
|
@RequestParam(value = "namespaceDesc", required = false) String namespaceDesc) {
|
||||||
@ -171,6 +179,7 @@ public class NamespaceController {
|
|||||||
* @return whether del ok
|
* @return whether del ok
|
||||||
*/
|
*/
|
||||||
@DeleteMapping
|
@DeleteMapping
|
||||||
|
@Secured(resource = NacosAuthConfig.CONSOLE_RESOURCE_NAME_PREFIX + "namespaces", action = ActionTypes.WRITE)
|
||||||
public Boolean deleteConfig(HttpServletRequest request, HttpServletResponse response,
|
public Boolean deleteConfig(HttpServletRequest request, HttpServletResponse response,
|
||||||
@RequestParam("namespaceId") String namespaceId) {
|
@RequestParam("namespaceId") String namespaceId) {
|
||||||
persistService.removeTenantInfoAtomic("1", namespaceId);
|
persistService.removeTenantInfoAtomic("1", namespaceId);
|
||||||
|
|||||||
@ -168,12 +168,6 @@ public class ServiceManager implements RecordListener<Service> {
|
|||||||
Service service = chooseServiceMap(namespace).get(name);
|
Service service = chooseServiceMap(namespace).get(name);
|
||||||
Loggers.RAFT.info("[RAFT-NOTIFIER] datum is deleted, key: {}", key);
|
Loggers.RAFT.info("[RAFT-NOTIFIER] datum is deleted, key: {}", key);
|
||||||
|
|
||||||
// check again:
|
|
||||||
if (service != null && !service.allIPs().isEmpty()) {
|
|
||||||
Loggers.SRV_LOG.warn("service not empty, key: {}", key);
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (service != null) {
|
if (service != null) {
|
||||||
service.destroy();
|
service.destroy();
|
||||||
consistencyService.remove(KeyBuilder.buildInstanceListKey(namespace, name, true));
|
consistencyService.remove(KeyBuilder.buildInstanceListKey(namespace, name, true));
|
||||||
@ -414,10 +408,6 @@ public class ServiceManager implements RecordListener<Service> {
|
|||||||
throw new IllegalArgumentException("specified service not exist, serviceName : " + serviceName);
|
throw new IllegalArgumentException("specified service not exist, serviceName : " + serviceName);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!service.allIPs().isEmpty()) {
|
|
||||||
throw new IllegalArgumentException("specified service has instances, serviceName : " + serviceName);
|
|
||||||
}
|
|
||||||
|
|
||||||
consistencyService.remove(KeyBuilder.buildServiceMetaKey(namespaceId, serviceName));
|
consistencyService.remove(KeyBuilder.buildServiceMetaKey(namespaceId, serviceName));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user